Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

2/24/2012
09:16 AM
50%
50%

Free Anti-Virus Software Fails To Charm Enterprises

As free AV gains popularity with consumers, could Symantec and McAfee ever be chased from their top spots in the enterprise?

Who likes paying for antivirus software?

Based on the popularity and high marks given to free antivirus software--including AVG, Avast, and Avira--many consumers have been more than happy to kiss paid antivirus tools goodbye. While it's been a great cash cow for information security software vendors that bank on the proceeds from annual virus update renewals, conceptually speaking, why isn't antivirus just built into the operating system?

Of course, free antivirus tools make that philosophical question--and annual wallet hit--go away. But why hasn't free AV made it out of the consumer and small-business realm and into the enterprise?

One reason is that unseating established enterprise antivirus players remains tough. "No enterprise CISO has gotten fired for recommending Symantec, and then Symantec for letting an infection through. Symantec or McAfee are very well-known names," says Vince Steckler, CEO of Avast, at the company's offices in Prague. "Now, if you buy a less well-known brand that lets an infection through, you can get fired."

Competing in the enterprise market also isn't easy. "It's just a much more expensive sector to sell into and support, and the margins are much lower," says Steckler, who's worked as the senior vice president of worldwide consumer sales at Symantec. "It's sexy, but there's not as much money in it." That's one reason why Avast predominantly targets consumers and businesses with less than 50 endpoints, he says.

Another is that building and maintaining a highly scalable antivirus management console--as demanded by IT departments at large businesses--is difficult. Add to that the cost of global sales teams, round-the-clock support teams in every customers' language, engineers who install the products on-site--and remain on call in the event of outages--and per-seat revenue that may be as little as $1, and it makes the enterprise AV market look like a rough place to be.

Indeed, the economics of the free and freemium AV market seem positively utopian in comparison. "I can afford to pay to buy free users now," says AVG CEO J.R. Smith, speaking by phone. AVG notably went public this month--coincidentally, at the same time as Facebook--and said it earned $255 million in revenue in the last 12 months, and now counts 106 million users. Who doesn't want a piece of that?

[ Privacy and security are closely tied together. Read Obama's Consumer Privacy Bill of Rights: 9 Facts. ]

Smith was careful to note that his company doesn't use any analytics software on its users, or spy on them in any way. But AVG crowdsources a substantial amount of information on malware, and that helps generate revenues that cover its free tools. "We get lots of threat data ... lots of customers download our software and opt in. We evaluate about a billion potential threats in our endpoint systems every day," he says. "You [can] take that and feed it, say, to Microsoft on a daily basis, so they can update their blacklist to help keep their customers safe. Yes they're a competitor, but we're happy with that."

When it comes to making money off of the likes of Microsoft, free antivirus vendors aren't interested in all free users; just the valuable ones. Smith says 90% of his company's focus is on just nine countries, between the United States and Europe, which speak English and in which the company has good brand-name recognition.

Another hurdle to free antivirus software in the enterprise is simply that--legally speaking--it typically isn't licensed for large-business use. "Our license actually doesn't allow businesses to use our free product. It's the same thing with our two main free competitors," says Avast's Steckler. Of course, that doesn't mean that some businesses aren't using free antivirus anyway.

As free AV gains popularity, could Symantec and McAfee ever be chased from their top spots in the enterprise? No doubt they'll see more competition, and from an enterprise standpoint--value, features, ease of use--competition is always a very good thing.

"It's the nature of things to change," says Steckler. "Kaspersky had virtually no presence in the corporate world five years ago, now they're pretty meaningful. We had virtually no presence in the consumer world five years ago, now we're very meaningful. And users' perceptions to 'free' change over time."

For example, Steckler says that Avast conducted a survey in 2010 to gauge consumers' perceptions to free software. Consumers in France were for it, users in the U.S. largely against it, and Britain registered in the middle. Steckler says that it's no coincidence that Avast has seen large uptake of its free product in France. But will the United States and Britain be far behind?

Likewise, how enterprises procure their software will evolve. "Consumers bought software at retail, now they buy software online. Enterprises buy software from sales reps, and they will--over time--move towards buying the service or the product online, and as they do so, then that's our opportunity," says Steckler.

If new enterprise antivirus players come calling, will IT managers listen? Then again, with the growing use of mobile devices, including smartphones and tablets, might today's antivirus tools simply become a consumer-demanded, baked-in part of future computing devices and operating systems? Arguably, the only thing better than free is not having to bother at all.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GeneIT
50%
50%
GeneIT,
User Rank: Apprentice
2/27/2012 | 7:11:41 PM
re: Free Anti-Virus Software Fails To Charm Enterprises
It seems like AV has just become a monitoring and reporting tool with occasional malware prevention. Treat it as just one layer to protect your system infrastructure. Stay out of the dark ages and use Deep Freeze, Content Filtering Appliance, System Hardening Techniques, and VDI to keep malware from looming around your organization.
Bprince
50%
50%
Bprince,
User Rank: Ninja
2/26/2012 | 3:38:35 AM
re: Free Anti-Virus Software Fails To Charm Enterprises
As long as the paid versions have protections the free versions don't, there will always be an advantage on their side in my opinion.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26120
PUBLISHED: 2020-09-27
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image callbacks to fire even witho...
CVE-2020-26121
PUBLISHED: 2020-09-27
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an uploa...
CVE-2020-25812
PUBLISHED: 2020-09-27
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.
CVE-2020-25813
PUBLISHED: 2020-09-27
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
CVE-2020-25814
PUBLISHED: 2020-09-27
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> ...